Senior ITCyber Auditor

At F5 we strive to bring a better digital world to life. Our teams empower organizations across the globe to create secure and run applications that enhance how we experience our evolving digital world. We are passionate about cybersecurity from protecting consumers from fraud to enabling companies to focus on innovation.

Everything we do centers around people. That means we obsess over how to make the lives of our customers and their customers better. And it means we prioritize a diverse F5 community where each individual can thrive.

Life at F5 is never dull. We are constantly identifying industry trends and disruptions then innovating to get ahead of future customer needscreating application services that help the worlds leading organizations deliver their critical business apps faster and with the highest levels of flexibility security performance and support.

But our success is not driven solely by what we do. We also care deeply about how we do it. At F5 our culture is how we live every single day. And it is producing extraordinary resultsnot only for our customers but also for our employees. We understand that your life is about more than just work so we are committed to a culture that supports your whole life. We offer work/life integration programs like Freedom to Flex dynamic employee inclusion groups paid parental leave tuition assistance for professional development a comprehensive mentoring program rewards/recognition and so much more. At F5 we truly do help each other thrive.

As a Senior IT/Cyber Auditor you will be responsible for executing individual internal audit projects with a focus on the examination and analysis of internal controls risks and processes related to F5s information systems IT infrastructure and IT internal control environment. This position includes developing project scope defining and executing internal audit procedures preparing highquality reports to accurately reflect the work performed and actively monitoring the status of outstanding issues. The Senior IT/Cyber Auditor will also assist Internal Audit Management in providing periodic reports to the Audit Committee and developing the annual internal audit plan.

Primary Responsibilities:

• Assist in defining scope approach and projectspecific risks for IA engagements included in the annual audit plan contributing to annual risk assessments and audit plan development.

• Plan document and conduct complex audit assignments and projects executing all aspects of IA projects independently and/or as a part of a team with management input and oversight.

• Assist with special audits consulting projects and other assignments as requested.

• Develop an awareness of changes in IT audit practices regulatory requirements and IT Risk frameworks to understand their impact on auditing (e.g. NIST CSF/RMF NIST 80053/FedRAMP NIST 800218 NIST 800161 Cloud Shared Responsibility Model IaaS/PaaS/SaaS service models Cloud Security Alliance (CSA) COBIT ISO/IEC 270xx PCIDSS SOC 2 etc.

• Develop knowledge of policy procedures internal control concepts and best practices to assess policy compliance control design and effectiveness and adherence to best practices.

• Build relationships with key stakeholders across F5 providing valuable business support as a trusted advisor on processes risks and controls prior to key process/system implementations.

• Conduct stakeholder interviews (to include observation testing and documentation) and audit fieldwork in accordance with IA department standards;

• Identify document and communicate issues recommendations and process improvement opportunities; and review/draft clear concise IA findings and reports to present to management.

• Partner with IA stakeholders to develop corrective action plans

• Manage multiple projects concurrently and meet timely targets for assigned projects

• Develop skills to lead audit engagements and coach other auditors.

• Perform SOX IT General Controls (ITGC) testing of key IT and automated business processes as required in collaboration with IT Compliance and External Audit. Test key reports for accuracy and completeness via validation of report logic source data and input parameters.

• Maintain a concern for IA process improvement with a focus on methodology and cost savings opportunities and leveraging data analytics to provide valuable insights into the risk assessment and audit plan development process.

Other Responsibilities:

• Uphold F5s Business Code of Ethics and model the Be F5/Lead F5 Behaviors.

• Promptly report violations of the Code or other company policies.

• Adhere to IIA standards and perform other related duties as assigned.

Knowledge Skills and Abilities:

• Understanding of internal control concepts and experience in applying them to plan perform manage and report on the evaluation of various business processes areas and functions.

• Experience auditing and evaluating IT projects/programs/systems (e.g. SDLC reviews) infrastructure cybersecurity risks/controls and operating systems (Oracle experience is a plus)

• Must be able to work independently with limited direction see the big picture while maintaining a strong attention to detail and work on multiple projects with varying team members.

• Strong understanding of internal auditing standards COSO/COBIT risk assessment practices technical aspects of accounting and financial reporting and regulatory compliance.

• Strong interpersonal organizational and planning skills with unquestionable ethics/integrity

• Strong communicator with the ability to disseminate issues via written reports and verbal discussions document results and prepare/present audit reports to peers and management.

Qualifications:

• BA/BS from an accredited university in MIS/IT/CS business finance cybersecurity or a related field (or equivalent education and work experience)

• 5 years of IT audit InfoSec/cybersecurity and/or IS/IT experience in a public accounting firm or public company with a focus on security privacy ERM GRC and controls

• CISA / CISSP (preferred) CIA CPA CCSP CISM

• IT auditing skills with familiarity in at least one of the following areas: Cyber Security including auditing an ISO 27001 ISMS; data analytics Robotic Process Automation (RPA) system development & testing; UNIX; Windows; Oracle SQL (Technology industry experience is a plus)

• Strong interpersonal skills to communicate effectively both written and verbally with technical and nontechnical audiences and work with all levels of management.

• Exceptional organizational/time management skills attention to detail and diligence are required to document thought processes validate assertions with logic deliver quality work consistently and adjust your approach as required based on management feedback.

• Ability to work a flexible schedule during key business deadlines.

Physical Demands and Work Environment:

• Duties are performed in a normal office environment while sitting at a desk/computer table

• Duties require the use of a computer communication by phone and reading printed material.

• Duties may require travel via car/plane lifting up to 50lbs and work outside of standard hours.

Benefits:

• Comprehensive medical dental and vision coverage; 401K with company match

• Generous paid vacation time paid holidays and paid parental leave

• Quarterly Wellness Weekends to focus on personal and professional growth

• Global Good initiatives like employee matching volunteering and F5 Foundation

• Additional benefits include free transit cards free vanpools Social Thursdays etc.

• Work/life integration programs like Freedom to Flex dynamic employee inclusion groups a comprehensive mentoring program and rewards/recognition

• Tuition assistance for professional development

#LIEM1

The Job Description is intended to be a general representation of the responsibilities and requirements of the job. However the description may not be allinclusive and responsibilities and requirements are subject to change.

F5 maintains broad salary ranges for its roles in order to account for variations in knowledge skills experience geographic locations and market conditions as well as to reflect F5s differing products industries and lines of business. The pay range referenced is as of the time of the job posting and is subject to change.

You may also be offered incentive compensation bonus restricted stock units and benefits. More details about F5s benefits can be found at the following link:https://www.f5/company/careers/benefits. F5 reserves the right to change or terminate any benefit plan without notice.

Please note that F5 only contacts candidates through F5 email address (ending with @f5 or auto email notification from Workday (ending with f5 or @myworkday.

Equal Employment Opportunity

It is the policy of F5 to provide equal employment opportunities to all employees and employment applicants without regard to unlawful considerations of race religion color national origin sex sexual orientation gender identity or expression age sensory physical or mental disability marital status veteran or military status genetic information or any other classification protected by applicable local state or federal laws. This policy applies to all aspects of employment including but not limited to hiring job assignment compensation promotion benefits training discipline and termination. F5 offers a variety of reasonable accommodations for candidates. Requesting an accommodation is completely voluntary. F5 will assess the need for accommodations in the application process separately from those that may be needed to perform the job. Request by contacting .